<?php
	if(getRequestParameter("logout") !== false)
	{
		logout();
	}
	
	if(getRequestParameter("login") !== false)
	{
		global $connection;
		
		if(getRequestParameter("email") != false && getRequestParameter("password") != false)
		{
			$email = getRequestParameter("email");
			$password = md5(getRequestParameter("password"));
			$client = $connection->fetch_one("SELECT id FROM user WHERE email = ? AND password = ?", array($email, $password));
			if(isset($client["id"]))
			{
				login($client["id"]);
				
				$message["error_count"] = 0;
				$message["message"] = translate("login_successful");
				
			}
			else
			{
				$message["error_count"] = 1;
				$message["message"] = translate("login_unsuccessful");
			}
		}
		else
		{
			$message["error_count"] = 1;
			$message["message"] = translate("login_unsuccessful");
		}
		
		echo json_encode($message);
	}
	
	if(getRequestParameter("wishmeter") !== false)
	{
		global $connection;
		$message = array();
		
		$client = getLoginData();
		if(!isset($client["id"]))
		{
			$loginPage = get_site_page_by_slug("login", $_SESSION["language"]["id"]);
			
			$message["message"] = translate("wishlist_need_to_login");
			$message["message"] .= "<a href='".site_url().$loginPage["url"].".html'>" . translate("log_in_now") . "</a>";
			
			echo json_encode($message);
			
			return false;
		}
		
		if(getRequestParameter("product_id") !== false && getRequestParameter("rating") !== false)
		{
			$params[] = $client["id"];
			$params[] = getRequestParameter("product_id");
			$wishItem = $connection->fetch_one("SELECT id FROM users_wishlists WHERE user_id = ? AND product_id = ?", $params);
			
			if(isset($wishItem["id"]))
			{
				$updateParams["id"] = $wishItem["id"];
				$updateParams["wishmeter"] = getRequestParameter("rating");
				
				$connection->update("users_wishlists", $updateParams);
				
				$message["rating"] = getRequestParameter("rating");
				$message["message"] = translate("wishlist_wishmeter_updated");
				
				echo json_encode($message);
				
				return false;
			}
		}
		
		$message["message"] = translate("unknown_error");
				
		echo json_encode($message);
	}
	
	if(getRequestParameter("change_password") !== false)
	{
		global $connection;
		
		$errors = array();
		$message = array();
		if(getRequestParameter("old_password") !== false)
		{
			$oldPassword = getRequestParameter("old_password");
			$client = getLoginData();
			if(isset($client["id"]))
			{
				if(md5($oldPassword) == $client["password"])
				{
					$newPassword = getRequestParameter("new_password");
					if(strlen($newPassword) >= 5)
					{
						$newPassword2 = getRequestParameter("new_password_again");
						if($newPassword == $newPassword2)
						{
							$params["id"] = $client["id"];
							$params["password"] = md5($newPassword);
							$connection->update("user", $params);
							$message["error_count"] = 0;
							$message["message"] = translate("password_change_success");
							
							echo json_encode($message);
							return false;
						}
					}
				}
			}
		}
		$errors["error_count"] = 1;
		$errors["message"] = translate("password_change_error");
		echo json_encode($errors);
		return false; 
	}

	if(getRequestParameter("forgot_password") !== false)
	{
		if(getRequestParameter("email") !== false)
		{
			
			$email = getRequestParameter("email");
			
			global $connection;
			$client = $connection->fetch_row("user", $email, "email");
			
			if(isset($client["id"]))
			{
				$resetToken = md5($client["email"].microtime());
				
				$params["id"] = $client["id"];
				$params["reset_token"] = $resetToken;
				
				$connection->update("user", $params);
				
				$message["error_count"] = 0;
				$message["message"] = translate("fogot_password_email_sent");
				echo json_encode($message);
				return false;
// TODO : send recovery email				
				/*include ( 'Email.php' );
				$url = scripts_url() . "html-includes/email-template.php?password_reset_token=".$resetToken;
				
				$ch = curl_init($url );

				curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
				curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
				$content = curl_exec($ch);
				curl_close($ch);
				if($content != "")
				{
					$email = new Email();
					$config['mailtype'] = 'html';
					
					$companyEmail = get_setting("email");
					$companyName = get_setting("company_name");
					
					$email->initialize ( $config );
					$email->from($companyEmail, $companyName);
					$email->to($client['email']); 
					//$email->cc('we@yahoo.com'); 
					//$email->bcc('them@their-example.com'); 
					$email->subject('Resetare parola '.$companyName);
					$email->message($content);	
					
					$email->send();
				}*/
				
			}
		}

		$errors["error_count"] = 1;
		$errors["message"] = translate("fogot_password_error");
		echo json_encode($errors);
		
		return false;
	}
	
	if(getRequestParameter("register") !== false)
	{
		$errors = array();
		$params = array();
		$message = array();
		
		
		global $connection;
		
		
		
		$params = array();
		$errors = array();
		
		$client = getLoginData();
		
		validateClient($params, $errors, $client);
		
		if(!isset($client["id"]))
		{
			require_once("../helpers/securimage/securimage.php");
			
			$securimage = new Securimage();
			if($securimage->check(getRequestParameter("captcha")) == false) 
			{
				$errors["captcha"] = translate("contact_error_invalid_captcha");
			}
			
			if(getRequestParameter("terms_and_conditions") === false || getRequestParameter("terms_and_conditions") != 1)
			{
				$errors["terms_and_conditions"] = translate("register_error_terms_and_conditions");
			}
			else
			{
				$params["terms_and_conditions"] = 1;
			}
		}
		
		
		$errorCount = count($errors);
		
		if($errorCount > 0)
		{
			$errors["error_count"] = $errorCount;
			echo json_encode($errors);
			return false;
		}
		else
		{
			$message["error_count"] = 0;
			if(!isset($client["id"]))
			{
				$clientID = $connection->insert("user", $params);
				login($clientID);
				$message["message"] = translate("register_success");
				$email = getRequestParameter("email");
			}
			else
			{
				$params["id"] = $client["id"];
				
				$connection->update("user", $params);
				
				$message["message"] = translate("update_account_success");
				$email = $client["email"];
			}
			
			
			
			if(getRequestParameter("recieve_newsletter") == 1)
			{
				$checkNewsletterClient = $connection->fetch_row("newsletter_users", $email, "email");
				$params["email"] = $email;
				if(!isset($checkNewsletterClient["id"]))
				{
					$connection->insert("newsletter_users", $params);
				}
			}
			else
			{
				$newsletterParams["email"] = $email;
				$connection->delete("newsletter_users", $newsletterParams);
			}
			
			echo json_encode($message);
		}
		
	}
?>